The play of electronic games on the Internet is an increasingly popular pastime. Although online game play has traditionally been carried out by players connecting in a client-server mode to game web sites, such as Microsoft Corporation's MSN GAMES™ website, the growing popularity of instant chat systems, such as Microsoft Corporation's MSN INSTANT MESSENGER™ service has provided yet another venue for game play between friends on peer-peer chat networks. Some games are provide free of charge when the user downloads and installs a chat program. However, it is also contemplated that other selected games will be provided only to those who subscribe to a Premium Access chat or messenger service.
Unlike games playable only by those who are accessing a specific gaming web site, it is relatively difficult to support a trial play option for premium service games on a chat service or other type of peer-peer network, since the game content will normally be fully available to the trial player, who has not provided credit card information for accessing the premium games on a subscription basis. Hackers can thus fully access the content of premium subscription games, and it is likely that they will attempt to avoid paying the subscription fee for the continued right to play the games. Preferably, a trial usage of the game should end after a predefined period of time or after a predefined number of game plays, unless at least one player is or becomes a subscriber to the premium software content usable over the peer-peer system. But once the premium software content has been made available to a user, it can be very difficult to ensure that unauthorized use of the game by at least some users does not continue.
There are several undesired scenarios that can arise as a result of making software available for trial usage on a peer-peer network. These include the case where a hacker extracts the premium software file and hosts it on a custom server of the hacker. By simply modifying an eXtensible Markup Language (XML) file for executing the software and then distributing the modified XML file to their friends, the hacker and friends could execute the software for free, indefinitely. A hacker might also cache a valid “ticket” issued by a Security and Access Service (SAS) of the peer-peer system providing the game software, e.g., if the ticket to play premium software was obtained from a friend who is a paying subscriber. By saving the SAS ticket as a persistent cookie (or by employing some other simple cookie hack), a hacker would be able to continually execute premium access software for free with other non-subscribing friends who are connected over the peer-peer network. As a further scenario, hackers might continually reset the trial token period for the software game, so that the hackers and their friends could play the game indefinitely in the free trial mode. However, the need to frequently reset the trial period might eventually deter this approach.
Clearly, it is important to substantially reduce the possibility that a user accessing premium game software or other software on a trial basis might simply steal the content and offer a free version for others to use. It would also be desirable to substantially reduce the possibility that an SAS ticket might be used or reused by a different person than the subscriber to whom it was originally issued. One goal is thus to prevent continued access to a premium software by anyone who has not signed up for the premium access service and who has not actually been authenticated as a paying subscriber. Preferably, it should not be possible to execute premium software without becoming a subscriber, simply by resetting the trial period to use the software. It would also be desirable to prevent other parties from accessing and tampering with paying subscribers' data. Ultimately, the most important goal is securely manage trial usage of premium software, to encourage users to try the software, and if they enjoy or benefit from using the software, to become subscribers to the premium access service that enables the software to be executed on a continuing basis.